<?php
class UsersController extends AppController {

	var $name = 'Users';

	function beforeFilter() {
		//autentikáció
		$this->Auth->fields = array(
			'username' => 'user',
			'password' => 'pass'
			);
		if(empty($this->data)) {
			$this->Session->delete('Message.auth');
		}
		$this->Auth->autoRedirect = false; 
	}
	
	function isAuthorized(){
		if($this->Auth->user('id') == 1){		//admin user az 1-es
			return true;
		}
		else{
			if(in_array($this->action, array(
														'login', 'logout', 'edit'
														))){
				return true;
			}
		}
		return false;		//minden más tiltva
	}

	function login(){
		//print $this->Auth->password('rrd');		//első jelszó generálása az auth működéséhez
		//maga a bejelentkezés kezelés automatikusan történik az auth komponensben
		if(!empty($this->data)){
			//updateeljük a last_logint
			if($this->Auth->user('id')){
				$this->User->id = $this->Auth->user('id');
				$this->User->saveField('last_login', date('Y-m-d H:i:s'));
				$this->redirect($this->Auth->redirect('/ertekelesek/add/'));		//arra az url-re redirectáljuk amit eredetileg meghívott
			}
		}
	}

	function logout(){
		$this->redirect($this->Auth->logout());
	}

	function edit(){
		if (!empty($this->data)) {
			if($this->data['User']['pass_change'] != $this->data['User']['pass_confirm']){
				$this->Session->setFlash('A két megadott jelszó nem egyezik');
			}
			elseif($this->data['User']['pass_change']){
				//megfele-e a jelszó a biztonsági előírásoknak?
				if($this->_checkPasswordStrength($this->data['User']['pass_change'])){
					$this->data['User']['pass'] = $this->Auth->password($this->data['User']['pass_change']);
					
					$this->User->id = $this->Auth->user('id');
					if($this->User->save($this->data)){
						$this->Session->setFlash('Felhasználói adatok frissítve');
						$this->redirect('/');
						}
					else{
						$this->Session->setFlash('Nem tudtam a felhasználói adatokat menteni. Kérlek próbáld meg újra.', 'default', array('class' => 'alert'));
						}
				}
				else
					$this->Session->setFlash('A jelszónak legalább 3 karakter hosszúnak kell lennie.', 'default', array('class' => 'alert'));
			}
		}
		if (empty($this->data)) {
			$this->data = $this->User->read(null, $this->Session->read('Auth.User.id'));
		}
	}

/**
 * Jelszó erősség mérő
 * @param string $password a tesztelendő jelszó
 * @param int $minStrength minimálisan elvárt erősség max 4
 * @return true ha a jelszó elég erős, false egyébként
 */
	function _checkPasswordStrength($password, $minStrength = 1){
		$strength = 0;
		if(strlen($password) >= 3)
			$strength++;
		$patterns = array('/[a-z][A-Z][0-9][!"£$%^&*()`{}\[\]:@~;\'#<>?,.\/\\-=_+\|]/');
		foreach($patterns as $pattern){
			if(preg_match($pattern, $password, $matches)){
				$strength++;
			}
		}
		if($strength >= $minStrength)
			return true;
		return false;
	}
	
	
	function admin_index() {
		$this->User->recursive = 0;
		$this->set('users', $this->paginate());
	}

	function admin_view($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid user', true));
			$this->redirect(array('action' => 'index'));
		}
		$this->set('user', $this->User->read(null, $id));
	}

	function admin_add() {
		if (!empty($this->data)) {
			$this->User->create();
			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('The user has been saved', true));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.', true));
			}
		}
	}

	function admin_edit($id = null) {
		if (!$id && empty($this->data)) {
			$this->Session->setFlash(__('Invalid user', true));
			$this->redirect(array('action' => 'index'));
		}
		if (!empty($this->data)) {
			if ($this->User->save($this->data)) {
				$this->Session->setFlash(__('The user has been saved', true));
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash(__('The user could not be saved. Please, try again.', true));
			}
		}
		if (empty($this->data)) {
			$this->data = $this->User->read(null, $id);
		}
	}

	function admin_delete($id = null) {
		if (!$id) {
			$this->Session->setFlash(__('Invalid id for user', true));
			$this->redirect(array('action'=>'index'));
		}
		if ($this->User->delete($id)) {
			$this->Session->setFlash(__('User deleted', true));
			$this->redirect(array('action'=>'index'));
		}
		$this->Session->setFlash(__('User was not deleted', true));
		$this->redirect(array('action' => 'index'));
	}
}
